I write this script

eoe LABEL
eob BABEL
run

LABEL:
esto

BABEL:
cmp eax, 00DCE1FC
log eax
je STEP
run

STEP:
ret

and put manually a HARDWARE BPX ON WRITE on a location.
This script skip the exceptions and automatically SHIFT + F9 well, and continue, but when the program write in the poistion of the HARDWARE BPX, the first time (in the log)

Log data, item 21
Message=eax = FEEEFEEE | FEEEFEEE

EAX is not 00DCE1FC, JUMP and continue RUNNING, the second time equeal but the 3er time, stop and finish the script, EAX=FEEEFEEE in this time too and a CMP is not true.

But the ollyscript jumps and end the plugin, the plugin is write to finish when eax= 00DCE1FC not eax=FEEEFEEE

SNIF

Ricardo

Sorry i wrote bad this part

EAX is not 00DCE1FC,NOT JUMP and continue RUNNING, the second time equal, but the 3er time, stop and finish the script, jumping bad if EAX=FEEEFEEE and a CMP is not true.

Ricardo

I need this script for the solution of the new armadillo with IAT destruction, where is the autor buaaaaaaaaaa, without the script take hours go to the desired point

Ricardo

Sorry, really missed your post =(
Check what I replied to the other guy...
Maybe you have the same error (: after jump)?

Ricardo, Te falta un JMP.

Salu2.

SACCOPHARYNX

PSYCKO:

The script works now. It is not a great idea to use EBP because the difference between the value of EBP and the value of SubKey in the stack is not 3B in all cases, but using ESP or EAX, it works.

Thanx a lot for your help.

SACCOPHARYNX

My fault... I meant ESP =)